Reproducible Build: Fails to build due to MapBox requirement

[xrviv]

Greetings team Mixin! 🙂

Danny here from walletscrutiny.com. We verify the reproducibility of Android apps.
So far, we've reviewed over 6500+ Android apps and Bitcoin hardware wallets.

Describe the bug

• Build Failure
• Insufficient build instructions
• Non-verifiability

To Reproduce
Steps to reproduce the behavior:
We attempted to build again with the knowledge that an MR has been merged regarding Emanuel's issue. We assume that the app could be built from hereon.

We begin our manual attempt, with this Dockerfile:

FROM ubuntu:22.04

RUN apt-get update && apt-get install -y --no-install-recommends \
    curl \
    unzip \
    git \
    openjdk-17-jdk \
    && rm -rf /var/lib/apt/lists/*

ENV ANDROID_SDK_ROOT=/opt/android-sdk
ENV PATH=$PATH:$ANDROID_SDK_ROOT/cmdline-tools/latest/bin:$ANDROID_SDK_ROOT/platform-tools

ENV JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
ENV PATH=$PATH:$JAVA_HOME/bin


RUN mkdir -p $ANDROID_SDK_ROOT/cmdline-tools
RUN cd $ANDROID_SDK_ROOT/cmdline-tools && \
    curl -L --retry 5 --retry-connrefused --insecure https://dl.google.com/android/repository/commandlinetools-linux-10406996_latest.zip -o commandlinetools.zip && \
    unzip commandlinetools.zip && \
    rm commandlinetools.zip && \
    mv cmdline-tools latest

RUN yes | sdkmanager --licenses
RUN sdkmanager "platform-tools" "platforms;android-35" "build-tools;35.0.0"

RUN sdkmanager "ndk;27.0.12077973"

RUN /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" \
    && echo 'eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"' >> /root/.bashrc \
    && eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"

We build the docker image:

cd /tmp/manualtest_one.mixin.messenger
docker build -t mixin-image . && docker run -it --rm -v "$(pwd)":/mnt mixin-image

From there, we execute:

# cd /mnt
# git clone https://github.com/MixinNetwork/android-app.git
# cd android-app
# export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64
# export ANDROID_SDK_ROOT=/opt/android-sdk
# export PATH=$PATH:$ANDROID_SDK_ROOT/cmdline-tools/latest/bin:$ANDROID_SDK_ROOT/platform-tools:$JAVA_HOME/bin
# yes | sdkmanager --licenses
# sdkmanager "platforms;android-31" "build-tools;31.0.0"
# ./gradlew assembleRelease --stacktrace

The complete nosbin paste

After 3 attempts, we noticed a recurring problem whenever we tried to execute ./gradlew.

Could not resolve com.mapbox.maps:android:10.10.0.
     Required by:
         project :app

> Could not get resource 'https://maven.pkg.github.com/checkout/checkout-3ds-sdk-android/com/mapbox/plugin/maps-lifecycle/10.10.0/maps-lifecycle-10.10.0.pom'.
            > Username must not be null!

Expected behavior

1. The app builds successfully
2. We could then run a diff between the built vs the official artifact

Screenshots
Screenshot of mapbox requirements posted on x

Desktop (please complete the following information):

• OS: Ubuntu 22.04
• Browser: Firefox
• Version: 130.01

Smartphone (please complete the following information):

• Device: n/a we used a build server
• OS: n/a we used a build server
• Browser n/a we used a build server
• Version n/a we used a build server

Additional context
We used a debian build server + docker

[crossle]

Please wait a sec, we'll try fix this without download key.